cryptospore / rpms / qemu-kvm

Forked from rpms/qemu-kvm 2 years ago
Clone

Blame SOURCES/kvm-s390x-protvirt-Inhibit-balloon-when-switching-to-pro.patch

902636
From 095553f9dd1fec02869bf974e8cc07614d6587e5 Mon Sep 17 00:00:00 2001
902636
From: Thomas Huth <thuth@redhat.com>
902636
Date: Fri, 29 May 2020 05:54:06 -0400
902636
Subject: [PATCH 24/42] s390x: protvirt: Inhibit balloon when switching to
902636
 protected mode
902636
MIME-Version: 1.0
902636
Content-Type: text/plain; charset=UTF-8
902636
Content-Transfer-Encoding: 8bit
902636
902636
RH-Author: Thomas Huth <thuth@redhat.com>
902636
Message-id: <20200529055420.16855-25-thuth@redhat.com>
902636
Patchwork-id: 97036
902636
O-Subject: [RHEL-8.3.0 qemu-kvm PATCH v2 24/38] s390x: protvirt: Inhibit balloon when switching to protected mode
902636
Bugzilla: 1828317
902636
RH-Acked-by: Claudio Imbrenda <cimbrend@redhat.com>
902636
RH-Acked-by: Philippe Mathieu-Daudé <philmd@redhat.com>
902636
RH-Acked-by: Cornelia Huck <cohuck@redhat.com>
902636
RH-Acked-by: David Hildenbrand <david@redhat.com>
902636
902636
From: Janosch Frank <frankja@linux.ibm.com>
902636
902636
Ballooning in protected VMs can only be done when the guest shares the
902636
pages it gives to the host. If pages are not shared, the integrity
902636
checks will fail once those pages have been altered and are given back
902636
to the guest.
902636
902636
As we currently do not yet have a solution for this we will continue
902636
like this:
902636
902636
1. We block ballooning now in QEMU (with this patch).
902636
902636
2. Later we will provide a change to virtio that removes the blocker
902636
and adds VIRTIO_F_IOMMU_PLATFORM automatically by QEMU when doing the
902636
protvirt switch. This is OK, as the balloon driver in Linux (the only
902636
supported guest) will refuse to work with the IOMMU_PLATFORM feature
902636
bit set.
902636
902636
3. Later, we can fix the guest balloon driver to accept the IOMMU
902636
feature bit and correctly exercise sharing and unsharing of balloon
902636
pages.
902636
902636
Signed-off-by: Janosch Frank <frankja@linux.ibm.com>
902636
Reviewed-by: David Hildenbrand <david@redhat.com>
902636
Reviewed-by: Christian Borntraeger <borntraeger@de.ibm.com>
902636
Reviewed-by: Claudio Imbrenda <imbrenda@linux.ibm.com>
902636
Reviewed-by: Cornelia Huck <cohuck@redhat.com>
902636
Message-Id: <20200319131921.2367-6-frankja@linux.ibm.com>
902636
Signed-off-by: Cornelia Huck <cohuck@redhat.com>
902636
(cherry picked from commit b1697f63fd8f8201b1447bb55f595830b9cbde31)
902636
Signed-off-by: Danilo C. L. de Paula <ddepaula@redhat.com>
902636
---
902636
 hw/s390x/s390-virtio-ccw.c | 11 +++++++++++
902636
 1 file changed, 11 insertions(+)
902636
902636
diff --git a/hw/s390x/s390-virtio-ccw.c b/hw/s390x/s390-virtio-ccw.c
902636
index dbd5125232..b4ebe83766 100644
902636
--- a/hw/s390x/s390-virtio-ccw.c
902636
+++ b/hw/s390x/s390-virtio-ccw.c
902636
@@ -42,6 +42,7 @@
902636
 #include "hw/qdev-properties.h"
902636
 #include "hw/s390x/tod.h"
902636
 #include "sysemu/sysemu.h"
902636
+#include "sysemu/balloon.h"
902636
 #include "hw/s390x/pv.h"
902636
 #include <linux/kvm.h>
902636
 #include "migration/blocker.h"
902636
@@ -330,6 +331,7 @@ static void s390_machine_unprotect(S390CcwMachineState *ms)
902636
     ms->pv = false;
902636
     migrate_del_blocker(pv_mig_blocker);
902636
     error_free_or_abort(&pv_mig_blocker);
902636
+    qemu_balloon_inhibit(false);
902636
 }
902636
 
902636
 static int s390_machine_protect(S390CcwMachineState *ms)
902636
@@ -337,10 +339,18 @@ static int s390_machine_protect(S390CcwMachineState *ms)
902636
     Error *local_err = NULL;
902636
     int rc;
902636
 
902636
+   /*
902636
+    * Ballooning on protected VMs needs support in the guest for
902636
+    * sharing and unsharing balloon pages. Block ballooning for
902636
+    * now, until we have a solution to make at least Linux guests
902636
+    * either support it or fail gracefully.
902636
+    */
902636
+    qemu_balloon_inhibit(true);
902636
     error_setg(&pv_mig_blocker,
902636
                "protected VMs are currently not migrateable.");
902636
     rc = migrate_add_blocker(pv_mig_blocker, &local_err);
902636
     if (rc) {
902636
+        qemu_balloon_inhibit(false);
902636
         error_report_err(local_err);
902636
         error_free_or_abort(&pv_mig_blocker);
902636
         return rc;
902636
@@ -349,6 +359,7 @@ static int s390_machine_protect(S390CcwMachineState *ms)
902636
     /* Create SE VM */
902636
     rc = s390_pv_vm_enable();
902636
     if (rc) {
902636
+        qemu_balloon_inhibit(false);
902636
         error_report_err(local_err);
902636
         migrate_del_blocker(pv_mig_blocker);
902636
         error_free_or_abort(&pv_mig_blocker);
902636
-- 
902636
2.27.0
902636